A one-time dynamic password (OTP) is a password that is valid for only one login session. In contrast to traditional static passwords, OTPs are not vulnerable to replay attacks. This means that if a potential intruder manages to record an OTP that was already used to log into a service or to conduct a transaction, he or she will not be able to abuse it, since it will no longer be valid.

A typical OTP system comprises an OTP generating client and an OTP validation (authentication) server. OTP generating clients are personalized tokens implemented either in hardware or in software, and are accordingly known as hardware tokens or software tokens. In a simple login flow, a user generates an OTP using his/her OTP generating client and submits it as the password in the login screen along with the user's login id. On receipt of the credentials, the authentication server generates an OTP for that user on the server and compares it with the OTP the user submitted. If both match, the authentication is considered successful.

For this system to succeed, the most critical aspect is the ability of the client and the server to independently generate the same OTP at both ends at any given instant. This means the client and server state need to be in synchronization at all times. In many systems this synchronization is achieved by using either time or a counter (event) as the synchronizing parameter, and the systems are accordingly known as time based or counter based OTP systems.

In a time based OTP system, the OTP algorithm is a function of time, which is taken from a precision timer placed in the client. At any given time, allowing for the small deviation caused by network delays, the client and the server are expected to generate the same OTP as long as their timers are in synchronization. Similarly, in a counter based OTP system, the OTP algorithm is a function of a counter value.
An initial counter value is placed at both the client and the server for a user. Whenever the user generates an OTP on the client, the current counter value is used to generate the OTP and the counter is then incremented or decremented, depending on the logic. On successful validation of the OTP, the server also increments or decrements its counter, keeping the state of the counter in synchronization with that of the client.

As can be seen, in both of the above techniques there is a possibility that the client and server state (time or counter value) goes out of synchronization, causing the client and the server to generate different OTPs and the authentication to fail. Even a precision timer drifts over a period of time. Similarly, OTPs that are generated but never submitted to the server (e.g. due to network failure) can leave the counter values at the client and the server out of sync. Hence, in all time or counter based OTP systems, loss of synchronization is a major challenge that requires human intervention to bring the two sides back in sync, causing administrative overhead. In some implementations, automatic resynchronization is feasible if the drift is small, but at the cost of security.
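
The counter drift and the resynchronization trade-off described above, as an added example that is not part of the original text. It assumes HOTP (RFC 4226) as the counter based algorithm, which the text does not name; the Server class, the look_ahead parameter and demo() are hypothetical names, and the secret is the RFC 4226 test secret used as sample input.

```python
import hashlib
import hmac
import struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP value per RFC 4226: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class Server:
    """Validation server holding one user's secret and counter (hypothetical class)."""
    def __init__(self, secret: bytes, counter: int = 0, look_ahead: int = 0):
        self.secret = secret
        self.counter = counter
        self.look_ahead = look_ahead  # how many counters past the expected one to try

    def validate(self, otp: str) -> bool:
        for c in range(self.counter, self.counter + self.look_ahead + 1):
            if hmac.compare_digest(hotp(self.secret, c), otp):
                self.counter = c + 1  # resynchronize: move past the accepted counter
                return True
        return False

    def guess_probability(self, digits: int = 6) -> float:
        """Approximate chance one random guess passes: one valid code per counter tried."""
        return (self.look_ahead + 1) / 10 ** digits

def demo() -> dict:
    secret = b"12345678901234567890"  # RFC 4226 test secret, sample input
    # The client generated OTPs for counters 0-2 that never reached the server
    # (e.g. network failure), so its counter is 3 while the server still holds 0.
    otp = hotp(secret, 3)
    strict = Server(secret, look_ahead=0)
    lenient = Server(secret, look_ahead=5)
    return {
        "strict_accepts": strict.validate(otp),    # out of sync: needs manual resync
        "lenient_accepts": lenient.validate(otp),  # found at counter 3 inside the window
        "lenient_counter": lenient.counter,        # back in step with the client
        "replay_accepted": lenient.validate(otp),  # a used OTP lies behind the counter
        "strict_guess_p": strict.guess_probability(),
        "lenient_guess_p": lenient.guess_probability(),
    }

if __name__ == "__main__":
    print(demo())
```

The wider the look-ahead window, the larger the drift the server repairs without an administrator, and the more codes it accepts at any moment.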